401 is a specific status code for kicking in *HTTP* authentication.
It requires servers to supply an appropriate WWW-Authenticate header.
It seems to be not a "general status code" of your sense.
The proposed 511 is a status code in general 5XX category,
indicating that there is no way at HTTP level to successfully
complete the request at this moment, due to some server-side reason.
The 511 status carries a "hint", in addition to usual 5XX statuses,
to clients that the provided response is not supplied directly
from the requested peer, and some man-in-the-middle has
refused to forward a request without some more user
interactions (usually an application-level authentication or payments).
Such interactions are performed in some higher protocol layer than HTTP.
2011/11/14 TianLinyi <tianlinyi@huawei.com>:
> Hi, Mark
>
> I am wondering the relationship betwen "511 Network Authentication Required" and " 401 Unauthorized". 401 is a general status code for requiring user authentication. However "requiring network access" may be part of the sementics of user authentication. How to clearly distinguish them?
>
> In the description it mentioned the following sentence:
> The response representation SHOULD indicate how to do this; e.g.,
> Â with an HTML form for submitting credentials.
> However it is clear how to do this? Will it be leaving to implementation (e.g. the parameters included in the HTML form)?
>
> Cheers,
> Linyi
>
> On 13/11/2011, at 8:33 PM, Randall Gellens wrote:
>
>> In today's APPAREA/APPSWG session, Mark briefly talked about this
>> draft, and when mentioning the 511 code, said that his intent was not
>> to encourage captive portal interception as a technique for network
>> access authorization or authentication, but rather to reduce the harm
>> that such mechanisms cause.
>>
>> I agree with all these goals, but in looking at
>> draft-nottingham-http-new-status-03.txt, I wonder if it would be
>> helpful to add some text in section 6 that mentions some of the ill
>> effects of the method, and mentions or points to a few better
>> alternative mechanisms for authorizing network access.
>
>
>>
>> --
>> Randall Gellens
>> Opinions are personal; Â Â facts are suspect; Â Â I speak for myself only
>> -------------- Randomly selected tag: ---------------
>> Hofstadter's Law:
>> Â It always takes longer than you expect, even when you take
>> Â Hofstadter's Law into account.
>
> --
> Mark Nottingham
> http://www.mnot.net/
>
>
>
>
> _______________________________________________
> apps-discuss mailing list
> apps-discuss@ietf.org
> https://www.ietf.org/mailman/listinfo/apps-discuss
> _______________________________________________
> apps-discuss mailing list
> apps-discuss@ietf.org
> https://www.ietf.org/mailman/listinfo/apps-discuss
>
--
--
Yutaka OIWA, Ph.D. Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Research Scientist
Â Â Â Â Â Â Â Â Â Â Â Â Â Â Research Center for Information Security (RCIS)
Â Â National Institute of Advanced Industrial Science and Technology (AIST)
Â Â Â Â Â Â Â Â Â Â Â Mail addresses: <y.oiwa@aist.go.jp>, <yutaka@oiwa.jp>
OpenPGP: id[440546B5] fp[7C9F 723A 7559 3246 229D Â 3139 8677 9BD2 4405 46B5]